Lucene search
K

PYSEC-2022-42987

šŸ—“ļøĀ 22 Nov 2022Ā 01:15:00Reported byĀ Python Packaging AdvisoryTypeĀ 
pypa
Ā pypa
šŸ”—Ā github.comšŸ‘Ā 6Ā Views

CKAN vulnerability allows unauthenticated takeover of existing accounts via HTTP POST with a user id.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
Circl
CVE-2022-43685
22 Nov 202207:12
–circl
CNNVD
CKAN ęŽˆęƒé—®é¢˜ę¼ę“ž
22 Nov 202200:00
–cnnvd
CVE
CVE-2022-43685
22 Nov 202200:00
–cve
Cvelist
CVE-2022-43685
22 Nov 202200:00
–cvelist
EUVD
EUVD-2022-0038
3 Oct 202520:07
–euvd
Github Security Blog
CKAN contains Improper Authentication leading to account takeover
22 Nov 202203:30
–github
NVD
CVE-2022-43685
22 Nov 202201:15
–nvd
OSV
GHSA-M2XP-JXFG-QQ6G CKAN contains Improper Authentication leading to account takeover
22 Nov 202203:30
–osv
OSV
PYSEC-2022-42987
22 Nov 202201:15
–osv
Prion
Cross site request forgery (csrf)
22 Nov 202201:15
–prion
Rows per page
Vulners
Node
pypickanRange0–2.9.7

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 May 2023 04:29Current
7High risk
Vulners AI Score7
CVSS 3.18.8
EPSS0.00679
SSVC
6